A frequently heard topic on this blog is about passwords. They are the entry point into protected systems, services, and devices that everyone uses. Well, unfortunately this week, the online auction giant eBay has fallen victim to cyber-attacks that have compromised many of the user account passwords stored on the site. Hackers were able to compromise a limited set of non-user but system account passwords to gain access to the eBay systems and internal network. eBay has stated that no un-authorized activity has been detected for any users nor did any financial information get stolen as of yet. eBay states that this information is kept completely separate from your initial login information and is stored encrypted. The breach also appears to have been closed but it is not known how long the attackers were in eBay’s systems. Today eBay is advising all users to change their passwords, regardless of how recently they have done so. It would be a good time to change your PayPal account password if you have one, as the company is a subsidiary of eBay and in your account you can link your PayPal account to your eBay account. Pick a strong password as always consisting of length and complexity using letters upper and lower case, numbers, and special characters. Also again make it memorable for you. The following site securely creates passwords called passphrases that would work for a good eBay password – https://xuntroubled.merchantquest.net/pwgen/ppgen.cgi
While eBay doesn’t directly support two-factor authentication, you can enable this on PayPal to make sure your actual payments sent or received for eBay are that much more protected.